Google’s Password Checkup extension will soon be built into Chrome. This is a service that Google launched in February 2019 to notify users if they are still using passwords that were confirmed to be part of data breaches.
When this extension is enabled, Chrome will check passwords that you use to log into websites are part of data breaches that are known to Google. If it finds a match, you will get an alert to change the password. According to a bug tracker spotted by 9to5Google, this feature is going to be built-into Chrome, making it available to all Chrome users.
The bug is titled “Issue 986298: Integrate leak detection” and the design document is currently private. We are thus left to speculate how this might work and be integrated into Chrome. We will most likely see a toggle that is enabled by default, for this feature. The rest of this feature will continue to work as they do with the extension.
To quote Google, from the official description of the extension:
Wherever you sign-in, if you enter a username and password that is no longer safe due to appearing in a data breach known to Google, you’ll receive an alert. Please reset your password. If you use the same username and password for any other accounts, please reset your password there as well.
As 9to5Google notes, there are many benefits to baking this right into Chrome. For one, people who may not have heard about the extension will get the protection that this feature provides.
Two, you will get this service on mobile platforms where extensions are not supported.
Three, the Password Checkup service will get access to passwords that you have saved on Chrome and could use that to alert you about compromised passwords even before you use them on any website.
If you have the Chrome extension installed, well and good, if not, go ahead and install it today. I wouldn’t recommend waiting until this feature lands in the Stable version of Chrome. What do you think?